Published: 03/11/2015 Updated: 12/02/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

libstagefright in Android prior to 5.1.1 LMY48X and 6.0 prior to 2015-11-01 allows malicious users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka internal bug 23707088.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 6.0
google android

Google roasts critical twin Android bugs in new Marshmallow OS

The Register • Darren Pauli • 03 Nov 2015

Privilege escalation and remote code execution feature in fourth droid patch run.

Google has patched two critical remote code execution vulnerabilities as part of a suite of seven fixes in its fourth round of Android patching since August. The over-the-air updates set to hit Nexus, Samsung, and Android Open Source Project (AOSP) devices first for Google's latest Marshmallow Android operating system. Google informed "partners" on 5 October and patch source code is set to hit the AOSP soon. Two flaws rated critical include libutils (CVE-2015-6609) and mediaserver (CVE-2015-6608...

CVE-2015-6610

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect